| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
67166
|
Wed Jan 25 14:05:46 2012 |
 | Christian Herzog | herzog@phys.ethz.ch | Comment | All | 2.9.0 | Re: problems with https in Chrome and IE |
| Andreas Luedeke wrote: |
|
| Christian Herzog wrote: |
|
[...] we're evaluating elog right now at the Physics Department of ETH Zurich and I'm trying to come up with a good config. One of the first steps of course was to enable SSL/https. With http, all tested browsers work fine, but with https at least Google Chrome 16 and IE 9 do not get past the "unknown certificate" warning and I see "TCP connection broken" errors in the log file. Firefox however works fine. Same behavior on Linux, Mac and Windows (given the browser in question is available). elog server is running on Lucid.[...]
|
 ⇄
Detect language » English
If you want to use https you should know what a certificate is.
Certificates are used to encript the data, but at the same time they are used to identify the host.
ELOG is delivered with a self generated certificate.
This can be used to encript the data, but no certification authority knows this certificate, so nobody can guaratee that you are connected to the right host.
Most browsers will warn you, that nobody did and if you don't care you need to change the security settings of you browser to accept the connection anyway.
The proper way out of this is to buy a certificate from a certification authority. Or to switch off https. (See https://midas.psi.ch/elog/config.html#global SSL option)
|
we know about certificates, thank you 
The point is that it stops AFTER the point at which I tell the browser to accept the self-signed certificates. I now even got a CACert and the problem remains: FF works, Chrome and IE don't: https://phd-bkp-gw2.ethz.ch:8080/admin/
log says: TCP connection broken
thanks,
-Christian |
|
67165
|
Wed Jan 25 10:50:43 2012 |
 | Andreas Luedeke | andreas.luedeke@psi.ch | Comment | All | 2.9.0 | Re: problems with https in Chrome and IE |
| Christian Herzog wrote: |
|
[...] we're evaluating elog right now at the Physics Department of ETH Zurich and I'm trying to come up with a good config. One of the first steps of course was to enable SSL/https. With http, all tested browsers work fine, but with https at least Google Chrome 16 and IE 9 do not get past the "unknown certificate" warning and I see "TCP connection broken" errors in the log file. Firefox however works fine. Same behavior on Linux, Mac and Windows (given the browser in question is available). elog server is running on Lucid.[...]
|
⇄
Detect language » English
If you want to use https you should know what a certificate is.
Certificates are used to encript the data, but at the same time they are used to identify the host.
ELOG is delivered with a self generated certificate.
This can be used to encript the data, but no certification authority knows this certificate, so nobody can guaratee that you are connected to the right host.
Most browsers will warn you, that nobody did and if you don't care you need to change the security settings of you browser to accept the connection anyway.
The proper way out of this is to buy a certificate from a certification authority. Or to switch off https. (See https://midas.psi.ch/elog/config.html#global SSL option) |
|
67164
|
Wed Jan 25 10:07:16 2012 |
 | Christian Herzog | herzog@phys.ethz.ch | Bug report | Linux | 2.9.0 | problems with https in Chrome and IE | Hi,
we're evaluating elog right now at the Physics Department of ETH Zurich and I'm trying to come up with a good config. One of the first steps of course was to enable SSL/https. With http, all tested browsers work fine, but with https at least Google Chrome 16 and IE 9 do not get past the "unknown certificate" warning and I see "TCP connection broken" errors in the log file. Firefox however works fine. Same behavior on Linux, Mac and Windows (given the browser in question is available). elog server is running on Lucid.
Any idea?
thanks,
-Christian |
|
67163
|
Fri Jan 13 14:33:04 2012 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Windows | 2.9.0-2396 | Re: Elog does not work after installing MS12-006/MS12-012 on Win 7 |
| Allen wrote: |
|
| Allen wrote: |
|
A little more information here
We are running elog on an Ubuntu server
Elog was working fine, then, on a windows 7 machine, MS12-006 was installed, rebooted, and could no longer connect to the elog web page.
Discovered that in Internet Explorer 8, by unchecking the use TLS 1.0 in options advanced tab, and making sure that SSL 3.0, TLS 1.1, TLS 1.2 were checked, that the page once again worked. I'm guessing the elog does not support SSL 3.0, otherwise, I assume I would have to uncheck that as well. Things do appear to still work on XP, thus far, only Windows 7 appears to break. While we have a work around, ideally we would like to see a bug fix so that (for legacy reasons), elog will still work with TLS 1.0 on Windows 7.
|
Also, strangely, I am able to use the elog forum page https://midas.psi.ch/elogs/Forum while TLS 1.0 is checked. I notice the version number is 2.9.0-2425, while we are using 2.9.0-2396, so wondering if this is fixed in this newer version.
|
The forum does not use TLS, but has Apache in front of it which works as a proxy. So TLS is actually handled by Apache, which might have a newer implementation of TLS. The ELOG version number certainly does not make a difference, I did not touch the SSL functionality in a while. But when you compile ELOG on your Ubunto server, you can maybe play with different versions of OpenSSL and see if that changes anything?
- Stefan |
|
67162
|
Thu Jan 12 19:37:52 2012 |
| Allen | bastss@rit.edu | Bug report | Windows | 2.9.0-2396 | Re: Elog does not work after installing MS12-006/MS12-012 on Win 7 |
| Allen wrote: |
|
A little more information here
We are running elog on an Ubuntu server
Elog was working fine, then, on a windows 7 machine, MS12-006 was installed, rebooted, and could no longer connect to the elog web page.
Discovered that in Internet Explorer 8, by unchecking the use TLS 1.0 in options advanced tab, and making sure that SSL 3.0, TLS 1.1, TLS 1.2 were checked, that the page once again worked. I'm guessing the elog does not support SSL 3.0, otherwise, I assume I would have to uncheck that as well. Things do appear to still work on XP, thus far, only Windows 7 appears to break. While we have a work around, ideally we would like to see a bug fix so that (for legacy reasons), elog will still work with TLS 1.0 on Windows 7.
|
Also, strangely, I am able to use the elog forum page https://midas.psi.ch/elogs/Forum while TLS 1.0 is checked. I notice the version number is 2.9.0-2425, while we are using 2.9.0-2396, so wondering if this is fixed in this newer version. |
|
67161
|
Thu Jan 12 19:34:28 2012 |
| Allen | bastss@rit.edu | Bug report | Windows | 2.9.0-2396 | Re: Elog does not work after installing MS12-006/MS12-012 on Win 7 |
A little more information here
We are running elog on an Ubuntu server
Elog was working fine, then, on a windows 7 machine, MS12-006 was installed, rebooted, and could no longer connect to the elog web page.
Discovered that in Internet Explorer 8, by unchecking the use TLS 1.0 in options advanced tab, and making sure that SSL 3.0, TLS 1.1, TLS 1.2 were checked, that the page once again worked. I'm guessing the elog does not support SSL 3.0, otherwise, I assume I would have to uncheck that as well. Things do appear to still work on XP, thus far, only Windows 7 appears to break. While we have a work around, ideally we would like to see a bug fix so that (for legacy reasons), elog will still work with TLS 1.0 on Windows 7.
|
|
67160
|
Wed Jan 11 22:19:49 2012 |
| Allen | bastss@rit.edu | Bug report | Windows | 2.9.0-2396 | Elog does not work after installing MS12-006/MS12-012 on Win 7 | After patching a windows 7 computer with MS12-006, can no longer connect to elog, get page cannot be displayed
See
http://support.microsoft.com/kb/2643584 |
|
67158
|
Fri Dec 23 14:31:27 2011 |
| Michael Dannmeyer | michael.dannmeyer@solvias.com | Question | Windows | 2.9.0 | Re: Problems with Version 2.9.0 Service did not start |
| Grant Jeffcote wrote: |
|
| Stefan Ritt wrote: |
|
| Michael Dannmeyer wrote: |
|
Hello,
I tried to update our ELOG installation 2.7.8 to 2.9.0. If I try to start the service i get the error:
Error 193: %1 is not a valid win32 application.
I uninstalled the old version an installed the new one.
Do you have any Idea? The OS is windows 2000 Server.
Best regards
Michael
Could not start the elogd service on local Computer
|
Can you start elogd.exe manually in a DOS box? If you get the same error there, the download file might be corrupted and you should try to re-load it again.
Best regards,
Stefan
|
Michael,
I had this problem with the service/elogd.exe not starting on the later versions of ELog and with Stefan's help we tracked it down to some missing Microsoft C runtime library files.
In my case it was a fresh install of Win2k3.
Try installing one the following and see if it helps (mine was solved with the middle option).
http://www.microsoft.com/download/en/details.aspx?id=3387
http://www.microsoft.com/download/en/details.aspx?id=5582
http://www.microsoft.com/download/en/details.aspx?id=5555
Regards
Grant
|
Thanks probelm is solved.
ELOG was installed at a windows 2000 Server. After Grant's Tip I moved it to W2003R2 and installed the midlle option. No it works without any problems.
Regards
Michael |
|